package com.xys.auth.controller;

import com.xys.auth.bean.Product;
import com.xys.auth.service.IProductService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;

import java.util.List;

@Controller
@RequestMapping("/product")
public class ProductController {

    @Autowired
    IProductService productService;


    @PreAuthorize("hasAuthority('/product/findAll.do')")
    @RequestMapping("/findAll.do")
    public ModelAndView findAll(){
        List<Product> productList = productService.findAll();
        ModelAndView modelAndView = new ModelAndView();
        modelAndView.addObject("productList",productList);
        modelAndView.setViewName("product-list");
        return modelAndView;
    }

    @RequestMapping("/save.do")
    @PreAuthorize("hasAuthority('/product/save.do')")
    public String save(Product product){
       productService.save(product);
       return "redirect:findAll.do";
    }

    @RequestMapping("/delete.do")
    public String delete(String[] ids)
    {

        for (int i = 0; i < ids.length ; i++) {
            productService.delete(ids[i]);
        }
        return "redirect:findAll.do";
    }
}
